mirror of
https://github.com/The-Art-of-Hacking/h4cker.git
synced 2025-01-17 10:07:22 -05:00
Create BIOS-best-practices.md
This commit is contained in:
parent
86b3d7d8f2
commit
b2bb418ec8
15
linux-hardening/BIOS-best-practices.md
Normal file
15
linux-hardening/BIOS-best-practices.md
Normal file
@ -0,0 +1,15 @@
|
||||
# BIOS and Security Settings
|
||||
|
||||
BIOS, or Basic Input/Output System, is an essential part of a computer's operation, as it initiates the boot process and provides communication between the operating system and the hardware. As such, the security of the BIOS is critical to the overall security of the system. The following are some best practices for BIOS security:
|
||||
|
||||
| Best Practice | Description |
|
||||
|---------------|-------------|
|
||||
| Set a Strong BIOS Password | Prevents unauthorized users from accessing and changing BIOS settings. |
|
||||
| Enable Secure Boot | Only allows software with recognized signatures to boot, protecting against malicious code. |
|
||||
| Disable Unnecessary Hardware | Reduces the attack surface by turning off unused hardware components, if supported by the BIOS. |
|
||||
| Regularly Update BIOS Firmware | Fixes potential security vulnerabilities. Make sure to download updates directly from the manufacturer's website. |
|
||||
| Enable BIOS/UEFI Firmware Intrusion Detection | Provides notification if BIOS settings have been changed, allowing detection of unauthorized modifications. |
|
||||
| Use Full Disk Encryption (FDE) | Protects data on the hard drive by requiring a password to decrypt it. |
|
||||
| Enable TPM (Trusted Platform Module) | A specialized chip that stores RSA encryption keys specific to the host system for hardware authentication. |
|
||||
| Limit Physical Access | Prevents unauthorized BIOS access by securing physical systems in locked rooms or cases and using security cables. |
|
||||
|
Loading…
Reference in New Issue
Block a user